TulipTools Internet Business Owners and Online Sellers Community

Full Version: Oracle DB Worm Code Published
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Quote:An anonymous hacker has released the first public example of an Oracle database worm.

The proof-of-concept code was published on the Full-disclosure mailing list with the subject line "Trick or treat Larry," an obvious taunt aimed at Oracle Corp.'s chief executive Larry Ellison.

Security experts have already picked apart the code and confirmed that the worm can squirm through Oracle databases with default user accounts and passwords.

...the code can be easily modified to cause major damage.

full article: http://www.eweek.com/article2/0,1895,1880682,00.asp
Update on this story:

Quote:Exploit code for a malicious worm capable of wreaking havoc through Oracle databases has been tweaked and published, prompting a new round of warnings that an actual attack is inevitable.

Two months after an anonymous researcher released the first public example of an Oracle database worm, the code has been advanced and republished on the Full Disclosure mailing list, adding additional techniques to attack databases.

...It is very possible to use this code to release a worm. I can do this right now if I wanted to."...

full article: http://www.eweek.com/article2/0,1895,1908755,00.asp